Control: tags -1 -moreinfo Hi Sebastian,
Thanks for looking into this issue. Yes, it is intentional. We should always check whether first_raw is NULL or not. I have reproduced the issue in the CI-pipeline [1], and the proposed patch fixes the issue [2]: no more segfault, just an error message due to exploit. [1] https://salsa.debian.org/science-team/libgetdata/-/jobs/1631525 [2] https://salsa.debian.org/science-team/libgetdata/-/jobs/1633848 Anton Am Mo., 10. Mai 2021 um 22:27 Uhr schrieb Sebastian Ramacher < [email protected]>: <skip> > > +--- libgetdata-0.10.0.orig/src/parse.c > > ++++ libgetdata-0.10.0/src/parse.c > > +@@ -2504,6 +2504,9 @@ char *_GD_ParseFragment(FILE *restrict f > > + if (D->error == GD_E_OK && !match) > > + first_raw = _GD_ParseFieldSpec(D, p, n_cols, in_cols, > strlen(in_cols[0]), > > + NULL, me, 0, 1, &outstring, tok_pos); > > ++ if (first_raw == NULL) { > > ++ _GD_SetError(D, GD_E_BAD_DIRFILE, GD_E_ENTRY_TYPE, NULL, 0, > NULL); > > ++ } > > Is it intentional that newly addeded if is evaluated in any case or is > this patch missing curly brackets for the body of "if (D->error = > GD_E_OK && !match)"? >
